Full Disclosure mailing list archives
Fwd: WiFi is no longer a viable secure connection
From: "Anshuman G" <anshu.pg () gmail com>
Date: Sat, 11 Oct 2008 09:08:56 +0530
---------- Forwarded message ---------- From: Anshuman G <anshu.pg () gmail com> Date: Sat, Oct 11, 2008 at 9:08 AM Subject: Re: [Full-disclosure] WiFi is no longer a viable secure connection To: Cedric Blancher <blancher () cartel-securite fr> Hello, I have turned off SSID broadcast and its pretty obscure, the password is obscure too, its WPA personal, i think its impossible to crack/get in my router without knowing SSID :D . Regards, Anshuman Gholap System Administrator. On Sat, Oct 11, 2008 at 9:03 AM, Cedric Blancher < blancher () cartel-securite fr> wrote:
Le vendredi 10 octobre 2008 à 23:05 -0400, Valdis.Kletnieks () vt edu a écrit :You only need a botnet of several hundred gamer's boxes and you're at10M. Sure. But one question remains: is it worth it ? Using a botnet to crack John Doe's PSK where you can just push password stealing malware on his box ? My problem with this kind of "announce" is that it seems to make people believe that cracking WPA/WPA2 is easy, just like WEP. But it is not, and really far from it. Maybe, or likely, some day, not that far away, someone will come up with a crypto or implementation flaw that will crush them down, but right now, it is not the case. So we stuck to a password guessing game. A game we play for years, with password hashing algorithms that we are *way* more efficient at cracking than a PBKDF2. I don't say we can't break PSK. I say that we suck at it with current implementations, even with a x100 performance increase. -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EEHi! I'm your friendly neighbourhood signature virus. Copy me to your signature file and help me spread!_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- WiFi is no longer a viable secure connection Ivan . (Oct 10)
- Re: WiFi is no longer a viable secure connection Cedric Blancher (Oct 10)
- Re: WiFi is no longer a viable secure connection line (Oct 10)
- Re: WiFi is no longer a viable secure connection Valdis . Kletnieks (Oct 10)
- Re: WiFi is no longer a viable secure connection Cedric Blancher (Oct 10)
- Message not available
- Fwd: WiFi is no longer a viable secure connection Anshuman G (Oct 10)
- Re: Fwd: WiFi is no longer a viable secure connection Cedric Blancher (Oct 10)
- Re: Fwd: WiFi is no longer a viable secure connection A . L . M . Buxey (Oct 11)
- Re: Fwd: WiFi is no longer a viable secure connection Anshuman G (Oct 11)
- Re: Fwd: WiFi is no longer a viable secure connection Cedric Blancher (Oct 11)
- Re: WiFi is no longer a viable secure connection Cedric Blancher (Oct 10)